Changeset 4207
- Timestamp:
- 12/19/13 14:36:04 (10 years ago)
- Location:
- DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src
- Files:
-
- 12 edited
-
main/java/eu/dasish/annotation/backend/Helpers.java (modified) (1 diff)
-
main/java/eu/dasish/annotation/backend/dao/AnnotationDao.java (modified) (3 diffs)
-
main/java/eu/dasish/annotation/backend/dao/DBIntegrityService.java (modified) (2 diffs)
-
main/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceImlp.java (modified) (8 diffs)
-
main/java/eu/dasish/annotation/backend/dao/impl/JdbcAnnotationDao.java (modified) (7 diffs)
-
main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java (modified) (25 diffs)
-
main/java/eu/dasish/annotation/backend/rest/CachedRepresentationResource.java (modified) (4 diffs)
-
main/java/eu/dasish/annotation/backend/rest/NotebookResource.java (modified) (3 diffs)
-
main/java/eu/dasish/annotation/backend/rest/TargetResource.java (modified) (5 diffs)
-
main/java/eu/dasish/annotation/backend/rest/UserResource.java (modified) (6 diffs)
-
test/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceTest.java (modified) (12 diffs)
-
test/java/eu/dasish/annotation/backend/dao/impl/JdbcAnnotationDaoTest.java (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/Helpers.java
r4188 r4207 71 71 Document document = element.getOwnerDocument(); 72 72 DOMImplementationLS domImplLS = (DOMImplementationLS) document.getImplementation(); 73 String encoding=document.getInputEncoding();74 73 LSSerializer serializer = domImplLS.createLSSerializer(); 75 74 String result = serializer.writeToString(element); -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/AnnotationDao.java
r4146 r4207 114 114 public Permission getPermission(Number annotationID, Number userID); 115 115 116 public List<Number> getAnnotationIDsForUserWithPermission(Number userID, String permissionString);116 public List<Number> getAnnotationIDsForUserWithPermission(Number userID, String[] permissionStrings); 117 117 118 118 … … 164 164 /////// UPDATERS ////////////////// 165 165 166 int updateAnnotationBodyText(Number annotationID, String text); 167 168 /** 169 * 170 * @param annotationID 171 * @param annotationBody 172 * @return # of updated rows in "annotation" table after updating the annotation's body text with "newBodyText". Should return 1. 173 */ 174 public int updateAnnotationBody(Number annotationID, AnnotationBody annotationBody); 166 167 public int updateAnnotationBody(Number annotationID, String text, String mimeType, Boolean isXml); 175 168 176 169 … … 229 222 */ 230 223 public int deleteAnnotationPrincipalPermissions(Number annotationID); 224 225 /* 226 * HELPERS 227 */ 228 229 public String[] retrieveBodyComponents(AnnotationBody annotationBody); 231 230 232 231 } -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/DBIntegrityService.java
r4028 r4207 88 88 * -- created after time-samp "after and before time-stamp "before". 89 89 */ 90 List<Number> getFilteredAnnotationIDs(String link, String text, Number inloggedUserID, String access, String namespace, UUID90 List<Number> getFilteredAnnotationIDs(String link, String text, Number inloggedUserID, String[] accessModes, String namespace, UUID 91 91 owner, Timestamp after, Timestamp before); 92 92 … … 110 110 * -- created after time-samp "after and before time-stamp "before". 111 111 */ 112 AnnotationInfoList getFilteredAnnotationInfos(String word, String text, Number inloggedUserID, String access, String namespace, UUID112 AnnotationInfoList getFilteredAnnotationInfos(String word, String text, Number inloggedUserID, String[] accessModes, String namespace, UUID 113 113 ownerID, Timestamp after, Timestamp before); 114 114 -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceImlp.java
r4181 r4207 40 40 import eu.dasish.annotation.schema.User; 41 41 import eu.dasish.annotation.schema.UserWithPermission; 42 import java.io.IOException; 42 43 import java.io.InputStream; 43 44 import java.lang.Number; 45 import java.sql.SQLException; 44 46 import java.sql.Timestamp; 45 47 import java.util.ArrayList; … … 48 50 import java.util.Map; 49 51 import java.util.UUID; 52 import javax.xml.parsers.ParserConfigurationException; 50 53 import org.springframework.beans.factory.annotation.Autowired; 51 54 import org.slf4j.Logger; 52 55 import org.slf4j.LoggerFactory; 56 import org.springframework.transaction.annotation.Transactional; 53 57 54 58 /** … … 94 98 } 95 99 96 ///////////// GETTERS //////////////////////////100 97 101 @Override 98 102 public Number getTargetInternalIdentifier(UUID externalID) { … … 189 193 //////////////////////////////////////////////////////////////////////// 190 194 @Override 191 public List<Number> getFilteredAnnotationIDs(String link, String text, Number inloggedUserID, String access, String namespace, UUID owner, Timestamp after, Timestamp before) {192 193 if (access == null) {194 return null; 195 } 196 197 List<Number> annotationIDs = annotationDao.getAnnotationIDsForUserWithPermission(inloggedUserID, access );195 public List<Number> getFilteredAnnotationIDs(String link, String text, Number inloggedUserID, String[] accessModes, String namespace, UUID owner, Timestamp after, Timestamp before) { 196 197 if (accessModes == null) { 198 return null; 199 } 200 201 List<Number> annotationIDs = annotationDao.getAnnotationIDsForUserWithPermission(inloggedUserID, accessModes); 198 202 199 203 if (link != null) { … … 258 262 259 263 @Override 260 public AnnotationInfoList getFilteredAnnotationInfos(String word, String text, Number inloggedUserID, String access, String namespace, UUID owner, Timestamp after, Timestamp before) {261 List<Number> annotationIDs = getFilteredAnnotationIDs(word, text, inloggedUserID, access , namespace, owner, after, before);264 public AnnotationInfoList getFilteredAnnotationInfos(String word, String text, Number inloggedUserID, String[] accessModes, String namespace, UUID owner, Timestamp after, Timestamp before) { 265 List<Number> annotationIDs = getFilteredAnnotationIDs(word, text, inloggedUserID, accessModes, namespace, owner, after, before); 262 266 if (annotationIDs != null) { 263 267 AnnotationInfoList result = new AnnotationInfoList(); … … 388 392 @Override 389 393 public int updateAnnotationBody(Number internalID, AnnotationBody annotationBody) { 390 return annotationDao.updateAnnotationBody(internalID, annotationBody); 394 String[] body = annotationDao.retrieveBodyComponents(annotationBody); 395 return annotationDao.updateAnnotationBody(internalID, body[0], body[1], annotationBody.getXmlBody()!=null); 391 396 } 392 397 … … 518 523 String bodyText; 519 524 String newBodyText; 525 String mimeType; 520 526 if (annotationBody.getXmlBody() != null) { 521 527 bodyText = Helpers.elementToString(annotation.getBody().getXmlBody().getAny()); 528 mimeType = annotationBody.getXmlBody().getMimeType(); 522 529 } else { 523 530 if (annotation.getBody().getTextBody() != null) { 524 531 bodyText = annotation.getBody().getTextBody().getValue(); 525 532 mimeType = annotationBody.getTextBody().getMimeType(); 526 533 } else { 527 534 logger.error("The client has sent ill-formed annotation body."); … … 530 537 } 531 538 newBodyText = Helpers.replace(bodyText, targetIdPairs); 532 return annotationDao.updateAnnotationBody Text(annotationID, newBodyText);539 return annotationDao.updateAnnotationBody(annotationID, newBodyText, mimeType, annotationBody.getXmlBody() != null); 533 540 } 534 541 -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/dao/impl/JdbcAnnotationDao.java
r4183 r4207 26 26 import eu.dasish.annotation.schema.AnnotationInfo; 27 27 import eu.dasish.annotation.schema.Permission; 28 import java.io.IOException; 28 29 import java.lang.String; 29 30 import java.sql.ResultSet; … … 37 38 import javax.sql.DataSource; 38 39 import javax.xml.datatype.DatatypeConfigurationException; 40 import javax.xml.parsers.ParserConfigurationException; 39 41 import org.springframework.jdbc.core.RowMapper; 42 import org.xml.sax.SAXException; 40 43 41 44 /** … … 115 118 116 119 @Override 117 public List<Number> getAnnotationIDsForUserWithPermission(Number userID, String permissionString) { 118 if (userID == null || permissionString == null) { 119 return null; 120 } 120 public List<Number> getAnnotationIDsForUserWithPermission(Number userID, String[] permissionStrings) { 121 if (userID == null || permissionStrings == null) { 122 return null; 123 } 124 125 String values = stringsToValuesString(permissionStrings); 126 121 127 StringBuilder sql = new StringBuilder("SELECT "); 122 128 sql.append(annotation_id).append(" FROM ").append(permissionsTableName).append(" WHERE "). 123 129 append(principal_id).append(" = ").append(userID.toString()).append(" AND "). 124 append(permission).append(" = ?");; 125 return getSimpleJdbcTemplate().query(sql.toString(), internalIDRowMapper, permissionString); 130 append(permission).append(" IN ").append(values); 131 return getSimpleJdbcTemplate().query(sql.toString(), internalIDRowMapper); 132 } 133 134 private String stringsToValuesString(String[] strings) { 135 if (strings == null) { 136 return null; 137 } 138 139 int length = strings.length; 140 if (length == 0) { 141 return null; 142 } 143 String result = "("; 144 for (int i = 0; i < length - 1; i++) { 145 result = result + "'"+strings[i] + "', "; 146 } 147 result = result + "'"+strings[length - 1] + "')"; 148 return result; 126 149 } 127 150 … … 312 335 313 336 //////////// UPDATERS ///////////// 314 @Override 315 public int updateAnnotationBodyText(Number annotationID, String text) { 316 StringBuilder sql = new StringBuilder("UPDATE "); 317 sql.append(annotationTableName).append(" SET "). 318 append(last_modified).append("= default,"). 319 append(body_text).append("= '").append(text). 320 append("' WHERE ").append(annotation_id).append("= ?"); 321 int affectedRows = getSimpleJdbcTemplate().update(sql.toString(), annotationID); 322 return affectedRows; 323 } 324 325 @Override 326 public int updateAnnotationBody(Number annotationID, AnnotationBody annotationBody) { 327 String[] body = retrieveBodyComponents(annotationBody); 337 338 339 @Override 340 public int updateAnnotationBody(Number annotationID, String text, String mimeType, Boolean isXml) { 328 341 Map<String, Object> params = new HashMap<String, Object>(); 329 params.put("annotationID", annotation _id);330 params.put("bodyText", body[0]);331 params.put("bodyMimeType", body[1]);332 params.put("isXml", annotationBody.getXmlBody() != null);342 params.put("annotationID", annotationID); 343 params.put("bodyText", text); 344 params.put("bodyMimeType", mimeType); 345 params.put("isXml", isXml); 333 346 334 347 StringBuilder sql = new StringBuilder("UPDATE "); … … 338 351 append(body_mimetype).append("= :bodyMimeType, "). 339 352 append(is_xml).append("= :isXml"). 340 append(" 'WHERE ").append(annotation_id).append("= :annotationID");341 int affectedRows = getSimpleJdbcTemplate().update(sql.toString(), annotationID);353 append(" WHERE ").append(annotation_id).append("= :annotationID"); 354 int affectedRows = getSimpleJdbcTemplate().update(sql.toString(), params); 342 355 return affectedRows; 343 356 } … … 374 387 Map<String, Object> params = new HashMap<String, Object>(); 375 388 params.put("permission", permission.value()); 376 params.put("annotationID", annotation _id);377 params.put("principalID", principal_id);389 params.put("annotationID", annotationID); 390 params.put("principalID", userID); 378 391 379 392 StringBuilder sql = new StringBuilder("UPDATE "); 380 393 sql.append(permissionsTableName).append(" SET "). 381 394 append(this.permission).append("= :permission"). 382 append(" WHERE ").append(annotation_id).append("= : 395 append(" WHERE ").append(annotation_id).append("= :annotationID"). 383 396 append(" AND ").append(principal_id).append("= :principalID"); 384 397 return getSimpleJdbcTemplate().update(sql.toString(), params); … … 474 487 475 488 /////////////// helpers ////////////////// 476 p rivateString[] retrieveBodyComponents(AnnotationBody annotationBody) {489 public String[] retrieveBodyComponents(AnnotationBody annotationBody) { 477 490 boolean body_is_xml = annotationBody.getXmlBody() != null; 478 491 String[] result = new String[2]; -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java
r4173 r4207 34 34 import java.io.IOException; 35 35 import java.net.URI; 36 import java.security.Principal;37 36 import java.sql.Timestamp; 38 37 import java.util.ArrayList; … … 52 51 import javax.ws.rs.core.Context; 53 52 import javax.ws.rs.core.MediaType; 54 import javax.ws.rs.core.SecurityContext;55 53 import javax.ws.rs.core.UriInfo; 56 54 import javax.ws.rs.ext.Providers; … … 61 59 import org.slf4j.Logger; 62 60 import org.slf4j.LoggerFactory; 61 import org.springframework.transaction.annotation.Transactional; 63 62 64 63 /** … … 68 67 @Component 69 68 @Path("/annotations") 69 @Transactional(rollbackFor = {Exception.class}) 70 70 public class AnnotationResource { 71 71 … … 110 110 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}") 111 111 @Secured("ROLE_USER") 112 public JAXBElement<Annotation> getAnnotation(@PathParam("annotationid") String ExternalIdentifier) { 112 @Transactional(readOnly = true) 113 public JAXBElement<Annotation> getAnnotation(@PathParam("annotationid") String ExternalIdentifier) throws IOException { 113 114 URI baseURI = uriInfo.getBaseUri(); 114 115 String baseURIstr = baseURI.toString(); … … 123 124 return rootElement; 124 125 } else { 125 try { 126 logger.error("FORBIDDEN-access attempt"); 127 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN); 128 } catch (IOException ioe) { 129 logger.error("IOException: Cannot send server respond about unaithorized access."); 130 } 126 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN); 131 127 return null; 132 128 } … … 139 135 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}/targets") 140 136 @Secured("ROLE_USER") 141 public JAXBElement<ReferenceList> getAnnotationTargets(@PathParam("annotationid") String ExternalIdentifier) { 137 @Transactional(readOnly = true) 138 public JAXBElement<ReferenceList> getAnnotationTargets(@PathParam("annotationid") String ExternalIdentifier) throws IOException { 142 139 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 143 140 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(ExternalIdentifier)); … … 148 145 return new ObjectFactory().createTargetList(TargetList); 149 146 } else { 150 try { 151 logger.error("FORBIDDEN-access attempt"); 152 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 153 } catch (IOException ioe) { 154 logger.error("IOException: Cannot send server respond about unaithorized access."); 155 } 147 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 156 148 return null; 157 149 } … … 163 155 @Path("") 164 156 @Secured("ROLE_USER") 157 @Transactional(readOnly = true) 165 158 public JAXBElement<AnnotationInfoList> getFilteredAnnotations(@QueryParam("link") String link, 166 159 @QueryParam("text") String text, … … 175 168 UUID ownerExternalUUID = (ownerExternalId != null) ? UUID.fromString(ownerExternalId) : null; 176 169 String access = (permission != null) ? permission : default_permission; 177 final AnnotationInfoList annotationInfoList = dbIntegrityService.getFilteredAnnotationInfos(link, text, userID, access, namespace, ownerExternalUUID, after, before);170 final AnnotationInfoList annotationInfoList = dbIntegrityService.getFilteredAnnotationInfos(link, text, userID, makeAccessModeChain(access), namespace, ownerExternalUUID, after, before); 178 171 logger.info("getFilteredAnnotations method: OK"); 179 172 return new ObjectFactory().createAnnotationInfoList(annotationInfoList); … … 185 178 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}/permissions") 186 179 @Secured("ROLE_USER") 187 public JAXBElement<UserWithPermissionList> getAnnotationPermissions(@PathParam("annotationid") String ExternalIdentifier) { 180 @Transactional(readOnly = true) 181 public JAXBElement<UserWithPermissionList> getAnnotationPermissions(@PathParam("annotationid") String ExternalIdentifier) throws IOException { 188 182 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 189 183 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(ExternalIdentifier)); … … 194 188 return new ObjectFactory().createPermissionList(permissionList); 195 189 } else { 196 try { 197 logger.error("FORBIDDEN-access attempt"); 198 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 199 } catch (IOException ioe) { 200 logger.error("IOException: Cannot send server respond about unaithorized access."); 201 } 190 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 202 191 return null; 203 192 } … … 210 199 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}") 211 200 @Secured("ROLE_USER") 212 public String deleteAnnotation(@PathParam("annotationid") String externalIdentifier) {201 public String deleteAnnotation(@PathParam("annotationid") String externalIdentifier) throws IOException { 213 202 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 214 203 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier)); … … 220 209 return result + " annotation(s) deleted."; 221 210 } else { 222 logger.error("FORBIDDEN-access attempt. Only the owner can delete an annotation."); 223 try { 224 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 225 } catch (IOException ioe) { 226 logger.error("IOException: Cannot send server respond about unaithorized access."); 227 } 211 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 228 212 return null; 229 213 } … … 237 221 @Path("") 238 222 @Secured("ROLE_USER") 239 public JAXBElement<ResponseBody> createAnnotation(Annotation annotation) {223 public JAXBElement<ResponseBody> createAnnotation(Annotation annotation) throws IOException { 240 224 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 241 225 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); … … 252 236 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}") 253 237 @Secured("ROLE_USER") 254 public JAXBElement<ResponseBody> updateAnnotation(@PathParam("annotationid") String externalIdentifier, Annotation annotation) {238 public JAXBElement<ResponseBody> updateAnnotation(@PathParam("annotationid") String externalIdentifier, Annotation annotation) throws IOException { 255 239 String path = uriInfo.getBaseUri().toString(); 256 240 dbIntegrityService.setServiceURI(path); … … 269 253 270 254 } else { 271 logger.error("FORBIDDEN-access attempt."); 272 logger.error("The logged-in user is not authorised to alter this annotation. "); 273 try { 274 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 275 } catch (IOException ioe) { 276 logger.error("IOException: Cannot send server respond about unaithorized access."); 277 } 278 return null; 279 } 280 281 } 282 255 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 256 return null; 257 } 258 259 } 260 283 261 @PUT 284 262 @Consumes(MediaType.APPLICATION_XML) … … 286 264 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}/body") 287 265 @Secured("ROLE_USER") 288 public JAXBElement<ResponseBody> updateAnnotationBody(@PathParam("annotationid") String externalIdentifier, AnnotationBody annotationBody) {266 public JAXBElement<ResponseBody> updateAnnotationBody(@PathParam("annotationid") String externalIdentifier, AnnotationBody annotationBody) throws IOException { 289 267 String path = uriInfo.getBaseUri().toString(); 290 268 dbIntegrityService.setServiceURI(path); 291 269 292 270 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier)); 293 271 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); … … 296 274 logger.info("updateAnnotationBody method: OK"); 297 275 return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID)); 298 299 } else { 300 logger.error("FORBIDDEN-access attempt."); 301 logger.error("The logged-in user is not authorised to alter this annotation. "); 302 try { 303 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 304 } catch (IOException ioe) { 305 logger.error("IOException: Cannot send server respond about unaithorized access."); 306 } 276 } else { 277 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 307 278 return null; 308 279 } … … 315 286 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}/permissions/{userid: " + BackendConstants.regExpIdentifier + "}") 316 287 @Secured("ROLE_USER") 317 public String updatePermission(@PathParam("annotationid") String annotationExternalId, @PathParam("userid") String userExternalId, Permission permission) {288 public String updatePermission(@PathParam("annotationid") String annotationExternalId, @PathParam("userid") String userExternalId, Permission permission) throws IOException { 318 289 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 319 290 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(annotationExternalId)); … … 328 299 329 300 } else { 330 logger.error("FORBIDDEN-access attempt"); 331 logger.error("The logged-in user is not authorised to alter this annotation. "); 332 try { 333 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 334 } catch (IOException ioe) { 335 logger.error("IOException: Cannot send server respond about unaithorized access."); 336 } 301 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 337 302 return null; 338 303 } … … 344 309 @Path("{annotationid: " + BackendConstants.regExpIdentifier + "}/permissions/") 345 310 @Secured("ROLE_USER") 346 public JAXBElement<ResponseBody> updatePermissions(@PathParam("annotationid") String annotationExternalId, UserWithPermissionList permissions) {311 public JAXBElement<ResponseBody> updatePermissions(@PathParam("annotationid") String annotationExternalId, UserWithPermissionList permissions) throws IOException { 347 312 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 348 313 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(annotationExternalId)); … … 353 318 return new ObjectFactory().createResponseBody(makePermissionResponseEnvelope(annotationID)); 354 319 } else { 355 logger.error("FORBIDDEN-access attempt"); 356 logger.error("The logged-in user is not authorised to alter this annotation. "); 357 try { 358 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 359 } catch (IOException ioe) { 360 logger.error("IOException: Cannot send server respond about unaithorized access."); 361 } 320 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 362 321 return null; 363 322 } … … 390 349 } 391 350 351 // REFACTOR : move to the integrity service all te methods below 392 352 private List<Action> makeActionList(List<String> resourceURIs, String message) { 393 353 if (resourceURIs != null) { … … 435 395 } 436 396 } 397 398 private String[] makeAccessModeChain(String accessMode) { 399 if (accessMode != null) { 400 if (accessMode == Permission.OWNER.value()) { 401 String[] result = new String[1]; 402 result[0] = accessMode; 403 return result; 404 } else { 405 if (accessMode == Permission.WRITER.value()) { 406 String[] result = new String[2]; 407 result[0] = Permission.WRITER.value(); 408 result[1] = Permission.OWNER.value(); 409 return result; 410 } else { 411 if (accessMode == Permission.READER.value()) { 412 String[] result = new String[3]; 413 result[0] = Permission.READER.value(); 414 result[1] = Permission.WRITER.value(); 415 result[2] = Permission.OWNER.value(); 416 return result; 417 } else { 418 logger.error("Invalide access " + accessMode); 419 return null; 420 } 421 422 } 423 } 424 425 } else { 426 return null; 427 } 428 } 437 429 } -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/CachedRepresentationResource.java
r3949 r4207 37 37 import javax.ws.rs.core.UriInfo; 38 38 import javax.xml.bind.JAXBElement; 39 import javax.xml.parsers.ParserConfigurationException; 39 40 import org.springframework.beans.factory.annotation.Autowired; 40 41 import org.springframework.security.access.annotation.Secured; 41 42 import org.springframework.stereotype.Component; 43 import org.springframework.transaction.annotation.Transactional; 42 44 43 45 /** … … 47 49 @Component 48 50 @Path("/cached") 51 @Transactional(rollbackFor={Exception.class, SQLException.class, IOException.class, ParserConfigurationException.class}) 49 52 public class CachedRepresentationResource { 50 53 … … 65 68 @Produces(MediaType.TEXT_XML) 66 69 @Path("{cachedid: " + BackendConstants.regExpIdentifier + "}/metadata") 67 @Secured("ROLE_USER") 70 @Secured("ROLE_USER") 71 @Transactional(readOnly=true) 68 72 public JAXBElement<CachedRepresentationInfo> getCachedRepresentationInfo(@PathParam("cachedid") String externalId) throws SQLException { 69 73 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); … … 76 80 @Produces({"image/jpeg", "image/png"}) 77 81 @Path("{cachedid: " + BackendConstants.regExpIdentifier + "}/content") 78 @Secured("ROLE_USER") 82 @Secured("ROLE_USER") 83 @Transactional(readOnly=true) 79 84 public BufferedImage getCachedRepresentationContent(@PathParam("cachedid") String externalId) throws SQLException, IOException { 80 85 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/NotebookResource.java
r3722 r4207 19 19 20 20 import eu.dasish.annotation.backend.dao.DBIntegrityService; 21 import java.io.IOException; 22 import java.sql.SQLException; 21 23 import javax.servlet.http.HttpServletRequest; 22 24 import javax.ws.rs.Path; … … 24 26 import javax.ws.rs.core.UriInfo; 25 27 import javax.ws.rs.ext.Providers; 28 import javax.xml.parsers.ParserConfigurationException; 26 29 import org.springframework.beans.factory.annotation.Autowired; 27 30 import org.springframework.stereotype.Component; 31 import org.springframework.transaction.annotation.Transactional; 28 32 29 33 /** … … 34 38 @Component 35 39 @Path("/notebooks") 40 @Transactional(rollbackFor={Exception.class, SQLException.class, IOException.class, ParserConfigurationException.class}) 36 41 public class NotebookResource { 37 42 -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/TargetResource.java
r4028 r4207 26 26 import eu.dasish.annotation.schema.ReferenceList; 27 27 import eu.dasish.annotation.schema.Target; 28 import java.io.IOException; 28 29 import java.io.InputStream; 29 30 import java.sql.SQLException; … … 41 42 import javax.ws.rs.core.UriInfo; 42 43 import javax.xml.bind.JAXBElement; 44 import javax.xml.parsers.ParserConfigurationException; 43 45 import org.springframework.beans.factory.annotation.Autowired; 44 46 import org.springframework.security.access.annotation.Secured; 45 47 import org.springframework.stereotype.Component; 48 import org.springframework.transaction.annotation.Transactional; 46 49 47 50 /** … … 55 58 @Component 56 59 @Path("/targets") 60 @Transactional(rollbackFor={Exception.class, SQLException.class, IOException.class, ParserConfigurationException.class}) 57 61 public class TargetResource { 58 62 … … 75 79 @Produces(MediaType.TEXT_XML) 76 80 @Path("{targetid: " + BackendConstants.regExpIdentifier + "}") 77 @Secured("ROLE_USER") 81 @Secured("ROLE_USER") 82 @Transactional(readOnly=true) 78 83 public JAXBElement<Target> getTarget(@PathParam("targetid") String ExternalIdentifier) throws SQLException { 79 84 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); … … 87 92 @Produces(MediaType.TEXT_XML) 88 93 @Path("{targetid: " + BackendConstants.regExpIdentifier + "}/versions") 89 @Secured("ROLE_USER") 94 @Secured("ROLE_USER") 95 @Transactional(readOnly=true) 90 96 public JAXBElement<ReferenceList> getSiblingTargets(@PathParam("targetid") String ExternalIdentifier) throws SQLException { 91 97 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/UserResource.java
r4010 r4207 23 23 import eu.dasish.annotation.schema.ObjectFactory; 24 24 import eu.dasish.annotation.schema.User; 25 import java.io.IOException; 25 26 import java.sql.SQLException; 26 27 import java.util.UUID; … … 38 39 import javax.ws.rs.core.UriInfo; 39 40 import javax.xml.bind.JAXBElement; 41 import javax.xml.parsers.ParserConfigurationException; 40 42 import org.springframework.beans.factory.annotation.Autowired; 41 43 import org.springframework.security.access.annotation.Secured; 42 44 import org.springframework.stereotype.Component; 45 import org.springframework.transaction.annotation.Transactional; 43 46 44 47 /** … … 48 51 @Component 49 52 @Path("/users") 53 @Transactional(rollbackFor={Exception.class, SQLException.class, IOException.class, ParserConfigurationException.class}) 50 54 public class UserResource { 51 55 @Autowired … … 66 70 @Produces(MediaType.TEXT_XML) 67 71 @Path("{userid: " + BackendConstants.regExpIdentifier + "}") 68 @Secured("ROLE_USER") 72 @Secured("ROLE_USER") 73 @Transactional(readOnly=true) 69 74 public JAXBElement<User> getUser(@PathParam("userid") String ExternalIdentifier) throws SQLException { 70 75 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); … … 77 82 @Produces(MediaType.TEXT_XML) 78 83 @Path("/info") 79 @Secured("ROLE_USER") 84 @Secured("ROLE_USER") 85 @Transactional(readOnly=true) 80 86 public JAXBElement<User> getUserByInfo(@QueryParam("email") String email) throws SQLException { 81 87 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); … … 87 93 @Produces(MediaType.TEXT_XML) 88 94 @Path("{userid: " + BackendConstants.regExpIdentifier + "}/current") 89 @Secured("ROLE_USER") 95 @Secured("ROLE_USER") 96 @Transactional(readOnly=true) 90 97 public JAXBElement<CurrentUserInfo> getCurrentUserInfo(@PathParam("userid") String ExternalIdentifier){ 91 98 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/test/java/eu/dasish/annotation/backend/dao/impl/DBIntegrityServiceTest.java
r4173 r4207 295 295 mockAnnotationIDs1.add(3); 296 296 mockAnnotationIDs1.add(4); 297 mockAnnotationIDs1.add(5); 297 298 298 299 final List<Number> mockAnnotationIDs2 = new ArrayList<Number>(); … … 300 301 mockAnnotationIDs2.add(3); 301 302 302 final String text = "some html";303 303 304 final UUID owner = UUID.fromString(TestBackendConstants._TEST_USER_4_EXT_ID); 304 305 final Timestamp after = new Timestamp(0); … … 306 307 307 308 final List<Number> mockRetval = new ArrayList<Number>(); 308 mockRetval.add(2); 309 310 309 mockRetval.add(3); 310 311 final String[] accessModes = new String[2]; 312 accessModes[0] = "reader"; 313 accessModes[1] = "writer"; 311 314 312 315 mockeryDao.checking(new Expectations() { … … 315 318 will(returnValue(mockTargetIDs)); 316 319 317 oneOf(annotationDao).getAnnotationIDsForUserWithPermission(3, "reader");320 oneOf(annotationDao).getAnnotationIDsForUserWithPermission(3, accessModes); 318 321 will(returnValue(mockAnnotationIDs1)); 319 322 … … 326 329 327 330 328 oneOf(annotationDao).getFilteredAnnotationIDs(mockAnnotationIDs1, text, null, 4, after, before);331 oneOf(annotationDao).getFilteredAnnotationIDs(mockAnnotationIDs1, "some html", null, 4, after, before); 329 332 will(returnValue(mockRetval)); 330 333 … … 333 336 334 337 335 List result = dbIntegrityService.getFilteredAnnotationIDs(word, text, 3, "reader", null, owner, after, before);338 List result = dbIntegrityService.getFilteredAnnotationIDs(word, "some html", 3, accessModes, null, owner, after, before); 336 339 assertEquals(1, result.size()); 337 assertEquals( 2, result.get(0));340 assertEquals(3, result.get(0)); 338 341 } 339 342 … … 388 391 mockTargetIDs.add(2); 389 392 390 393 final List<Number> mockAnnotationIDs1 = new ArrayList<Number>(); 391 394 mockAnnotationIDs1.add(3); 392 395 mockAnnotationIDs1.add(4); 396 mockAnnotationIDs1.add(5); 393 397 394 398 final List<Number> mockAnnotationIDs2 = new ArrayList<Number>(); … … 403 407 404 408 final List<Number> mockAnnotIDs = new ArrayList<Number>(); 405 mockAnnotIDs.add( 2);409 mockAnnotIDs.add(3); 406 410 407 411 final AnnotationInfo mockAnnotInfo = new AnnotationInfo(); 408 412 409 mockAnnotInfo.setHeadline(TestBackendConstants._TEST_ANNOT_ 2_HEADLINE);410 mockAnnotInfo.setRef(TestBackendConstants._TEST_SERVLET_URI_annotations + TestBackendConstants._TEST_ANNOT_ 2_EXT);413 mockAnnotInfo.setHeadline(TestBackendConstants._TEST_ANNOT_3_HEADLINE); 414 mockAnnotInfo.setRef(TestBackendConstants._TEST_SERVLET_URI_annotations + TestBackendConstants._TEST_ANNOT_3_EXT); 411 415 412 416 final List<Number> TargetIDs = new ArrayList<Number>(); 413 TargetIDs.add(1);414 417 TargetIDs.add(2); 415 418 416 final Map<AnnotationInfo,Number> mockPair = new HashMap<AnnotationInfo, Number>(); 417 mockPair.put(mockAnnotInfo, 3); 418 419 mockeryDao.checking(new Expectations() { 420 { 421 oneOf(annotationDao).getAnnotationIDsForUserWithPermission(3, "reader"); 419 final Map<AnnotationInfo,Number> mockPair = new HashMap<AnnotationInfo, Number>(); // annotationInfo-ownerID 420 mockPair.put(mockAnnotInfo, 4); 421 422 final String[] accessModes = new String[2]; 423 accessModes[0] = "reader"; 424 accessModes[1] = "writer"; 425 426 mockeryDao.checking(new Expectations() { 427 { 428 oneOf(annotationDao).getAnnotationIDsForUserWithPermission(3, accessModes); 422 429 will(returnValue(mockAnnotationIDs1)); 423 430 … … 439 446 // /////////////////////////////////// 440 447 // 441 oneOf(annotationDao).getAnnotationInfoWithoutTargets( 2);448 oneOf(annotationDao).getAnnotationInfoWithoutTargets(3); 442 449 will(returnValue(mockPair)); 443 450 444 451 //// 445 oneOf(annotationDao).retrieveTargetIDs( 2);452 oneOf(annotationDao).retrieveTargetIDs(3); 446 453 will(returnValue(TargetIDs)); 447 454 448 oneOf(targetDao).getURIFromInternalID(1);449 will(returnValue(TestBackendConstants._TEST_SERVLET_URI_Targets +TestBackendConstants._TEST_Target_1_EXT_ID));450 455 451 456 oneOf(targetDao).getURIFromInternalID(2); … … 453 458 //// 454 459 455 oneOf(userDao).getURIFromInternalID( 3);456 will(returnValue(TestBackendConstants._TEST_SERVLET_URI_users +TestBackendConstants._TEST_USER_ 3_EXT_ID));460 oneOf(userDao).getURIFromInternalID(4); 461 will(returnValue(TestBackendConstants._TEST_SERVLET_URI_users +TestBackendConstants._TEST_USER_4_EXT_ID)); 457 462 458 463 … … 461 466 462 467 463 AnnotationInfoList result = dbIntegrityService.getFilteredAnnotationInfos(word, text, 3, "reader", null, ownerUUID, after, before);468 AnnotationInfoList result = dbIntegrityService.getFilteredAnnotationInfos(word, text, 3, accessModes, null, ownerUUID, after, before); 464 469 assertEquals(1, result.getAnnotationInfo().size()); 465 470 AnnotationInfo resultAnnotInfo = result.getAnnotationInfo().get(0); 466 471 assertEquals(mockAnnotInfo.getHeadline(), resultAnnotInfo.getHeadline()); 467 assertEquals(TestBackendConstants._TEST_SERVLET_URI_users +TestBackendConstants._TEST_USER_ 3_EXT_ID, resultAnnotInfo.getOwnerRef());472 assertEquals(TestBackendConstants._TEST_SERVLET_URI_users +TestBackendConstants._TEST_USER_4_EXT_ID, resultAnnotInfo.getOwnerRef()); 468 473 assertEquals(mockAnnotInfo.getRef(),result.getAnnotationInfo().get(0).getRef() ); 469 assertEquals(TestBackendConstants._TEST_SERVLET_URI_Targets +TestBackendConstants._TEST_Target_1_EXT_ID, resultAnnotInfo.getTargets().getRef().get(0)); 470 assertEquals(TestBackendConstants._TEST_SERVLET_URI_Targets +TestBackendConstants._TEST_Target_2_EXT_ID, resultAnnotInfo.getTargets().getRef().get(1)); 474 assertEquals(TestBackendConstants._TEST_SERVLET_URI_Targets +TestBackendConstants._TEST_Target_2_EXT_ID, resultAnnotInfo.getTargets().getRef().get(0)); 471 475 472 476 } … … 690 694 /////////// 691 695 692 oneOf(annotationDao).updateAnnotationBody Text(6, testAnnotation.getBody().getTextBody().getValue());696 oneOf(annotationDao).updateAnnotationBody(6, testAnnotation.getBody().getTextBody().getValue(), testAnnotation.getBody().getTextBody().getMimeType(), false); 693 697 will(returnValue(1)); // the DB update will be called at perform anyway, even if the body is not changed (can be optimized) 694 698 -
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/test/java/eu/dasish/annotation/backend/dao/impl/JdbcAnnotationDaoTest.java
r4173 r4207 376 376 377 377 ////////////////////////////////// 378 @Test 379 public void testUpdateBodyText() throws SQLException{ 380 System.out.println("test updateBodyText"); 381 String newBodyText = "new body"; 382 int result = jdbcAnnotationDao.updateAnnotationBodyText(2, newBodyText); 383 assertEquals(1, result); 384 Map<Annotation,Number> getResult= jdbcAnnotationDao.getAnnotationWithoutTargetsAndPermissions(2); 385 Annotation[] annotations = new Annotation[1]; 386 getResult.keySet().toArray(annotations); 387 assertEquals(newBodyText, annotations[0].getBody().getTextBody().getValue()); 388 System.out.println("update time "+annotations[0].getLastModified()); 389 } 390 378 391 379 392 380
Note: See TracChangeset
for help on using the changeset viewer.
